MSPs must report cyberthreats

Josh Klasco Blog

The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) is a new government regulation with significant implications for managed service providers (MSPs). This act requires MSPs to report any cyber incidents they discover to the relevant authorities. This is a significant shift from the previous model, where MSPs were not required to disclose any information about cyber incidents to the government.


The primary motivation behind CIRCIA is to improve the overall security of infrastructure in the United States. By requiring MSPs to report cyber incidents, the government can more quickly identify and respond to threats.


For MSPs, CIRCIA will require them to implement new processes and procedures to make sure they are compliant with the law. This includes identifying and reporting any cyber incidents in a timely manner and implementing robust security measures to prevent such incidents from occurring in the first place.


One key aspect of CIRCIA is the definition of what constitutes a “cyber incident.” According to the legislation, a cyber incident is any occurrence that “affects, or could affect, the integrity, confidentiality, or availability of information systems” that control infrastructure. This definition is relatively broad and could encompass a wide range of activities, including hacking, malware attacks, and data breaches.


MSPs should be aware that the CIRCIA imposes strict reporting requirements. If an MSP discovers a cyber incident, they must report the incident to the appropriate authorities within 72 hours of discovery. In addition, MSPs are required to provide regular updates on the status of the incident and any actions taken to address it.


While the CIRCIA may create additional responsibilities for MSPs, it is ultimately a positive development for the industry. By promoting greater transparency and cooperation between MSPs and the government, the act will help to build trust and confidence in the managed services sector. Additionally, improving the overall security infrastructure will benefit MSPs by reducing the risk of costly and disruptive cyber incidents.


CIRCIA is a significant development for MSPs and will require them to implement new processes and procedures to ensure compliance. While this may create additional responsibilities for MSPs, it is ultimately a positive development that will help improve infrastructure security and promote greater trust and confidence in the managed services sector.

As you take CIRCIA into consideration, you’ll need a cybersecurity provider that makes your life easy. If you’re an MSP looking to expand your cybersecurity territory, give Coro a try. When you partner with Coro you get joint marketing campaigns aimed at growing your business with you. Coro can even provide sponsorship for trade shows, joint calls with clients, and co-brand (both Coro and MSP) PDF’s and presentation materials. 

Our approach isn’t about profit through complexity. Coro is all about intelligent automation. We want to give IT teams the freedom to focus on their businesses. 

See why so many MSPs love partnering with Coro